From c0b675b01189ac50cf0feff30441eb7307d5c936 Mon Sep 17 00:00:00 2001
From: Sarah Jamie Lewis <sarah@openprivacy.ca>
Date: Mon, 20 Jul 2020 17:41:50 -0700
Subject: [PATCH] Use hmac.Write instead of hmac.Sum when verifying tokens

---
 primitives/privacypass/token.go       | 3 ++-
 primitives/privacypass/tokenserver.go | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/primitives/privacypass/token.go b/primitives/privacypass/token.go
index 8bc9a77..d8dcdd5 100644
--- a/primitives/privacypass/token.go
+++ b/primitives/privacypass/token.go
@@ -72,7 +72,8 @@ func (t *Token) unblindSignedToken(token SignedToken) {
 func (t *Token) SpendToken(data []byte) SpentToken {
 	key := sha3.Sum256(append(t.t, t.W.Encode(nil)...))
 	mac := hmac.New(sha3.New512, key[:])
-	return SpentToken{t.t, mac.Sum(data)}
+	mac.Write(data)
+	return SpentToken{t.t, mac.Sum(nil)}
 }
 
 // GenerateBlindedTokenBatch generates a batch of blinded tokens (and their unblinded equivalents)
diff --git a/primitives/privacypass/tokenserver.go b/primitives/privacypass/tokenserver.go
index c5036d2..0945499 100644
--- a/primitives/privacypass/tokenserver.go
+++ b/primitives/privacypass/tokenserver.go
@@ -136,7 +136,8 @@ func (ts *TokenServer) SpendToken(token SpentToken, data []byte) error {
 	W := new(ristretto.Element).ScalarMult(ts.k, T)
 	key := sha3.Sum256(append(token.T, W.Encode(nil)...))
 	mac := hmac.New(sha3.New512, key[:])
-	computedMAC := mac.Sum(data)
+	mac.Write(data)
+	computedMAC := mac.Sum(nil)
 	result := hmac.Equal(token.MAC, computedMAC)
 	if result == true {
 		if ts.persistanceService == nil {